Book Image

Intro to IoT Pentesting [Video]

By : ACI Learning, Daniel Lowrie, Sophie Goodwin
Book Image

Intro to IoT Pentesting [Video]

By: ACI Learning, Daniel Lowrie, Sophie Goodwin

Overview of this book

The course begins by introducing you to the world of IoT and its significance in today's tech-driven society, emphasizing the importance of security in this interconnected environment. It covers the spectrum of IoT targets and the necessity of robust security measures to protect them. The course focuses on practical skills, including the use of hardware components like multimeters, TTL to USB, and JTAGulators, as well as software tools such as terminal emulators, Binwalk, and QEMU. You will learn about firmware analysis, including acquisition, extraction, and emulation, alongside techniques for exploiting embedded operating systems, network services, and IoT web applications. The course wraps up by guiding you through hands-on practices for identifying hardware vulnerabilities, automating UART pin identification, and gaining device access, ensuring you have the knowledge to perform comprehensive pentests on IoT devices.
Table of Contents (6 chapters)
Chapter 2
Tools
Content Locked
Section 10
QEMU
Dynamic binary analysis is a useful tool for finding sensitive data and possible vulnerabilities, but most IoT devices run on less conventional hardware making this a challenging task. Enter QEMU. In this episode, we will familiarize ourselves with QEMU and utilize it to emulate the hardware environments so that we can run a dynamic analysis on IoT binaries.